Skip to content

Improve CI #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
Harvester57 wants to merge 18 commits into from
Closed

Improve CI #5

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
59fc1db
Create dependabot.yml
Harvester57 Dec 8, 2025
f2b78a1
actions: bump the actions-dependencies group with 5 updates
dependabot[bot] Dec 8, 2025
f2e1fb0
Merge pull request #1 from Harvester57/dependabot/github_actions/acti…
Harvester57 Dec 8, 2025
dfc639c
Fix #14301: SymbolDatabase: c code, inner struct and outer struct has…
swasti16 Dec 8, 2025
2fee3b4
Partial fix for #11522 FP AssignmentIntegerToAddress with function po…
chrchr-github Dec 8, 2025
1d897ae
htmlreport: support remote GitHub/GitLab links for source files (#7988)
rgetz Dec 9, 2025
804c4a4
Fix #13303 FN unreadVariable (iterator) (#8023)
chrchr-github Dec 9, 2025
bdf2f42
refs #14280 - report inline suppressions without an error ID (#8011)
firewave Dec 9, 2025
514dc56
htmlreport: preserve filter state when navigating back/forward (#7993)
rgetz Dec 10, 2025
40cf3c3
Fix #14305 Wrong buffer sizes computed by valueFlowDynamicBufferSize…
chrchr-github Dec 10, 2025
575de99
Fix #14323 (Addons; Add optional "cwe" attribute) (#8026)
danmar Dec 12, 2025
9a911ef
actions: bump actions/cache in the actions-dependencies group
dependabot[bot] Dec 12, 2025
66078d3
Fix #14324 syntaxError for enum member declared as bitfield (#8027)
chrchr-github Dec 13, 2025
2d5dde9
Merge pull request #3 from Harvester57/dependabot/github_actions/acti…
Harvester57 Dec 13, 2025
e7f0ee6
Merge branch 'danmar:main' into main
Harvester57 Dec 13, 2025
e11ded1
[StepSecurity] ci: Harden GitHub Actions
step-security-bot Dec 13, 2025
0363a4a
Update Cygwin install action to version 6
Harvester57 Dec 13, 2025
549302b
Merge pull request #4 from step-security-bot/chore/GHA-131157-stepsec…
Harvester57 Dec 13, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file

version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
commit-message:
prefix: "actions"
schedule:
interval: "daily"
groups:
actions-dependencies:
applies-to: version-updates
patterns:
- "*"
4 changes: 2 additions & 2 deletions .github/workflows/CI-cygwin.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,12 +37,12 @@ jobs:
runs-on: ${{ matrix.os }}

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- name: Set up Cygwin
uses: cygwin/cygwin-install-action@master
uses: cygwin/cygwin-install-action@f2009323764960f80959895c7bc3bb30210afe4d # v6
with:
platform: ${{ matrix.platform }}
packages: ${{ matrix.packages }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/CI-mingw.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,12 +33,12 @@ jobs:
timeout-minutes: 19 # max + 3*std of the last 7K runs

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- name: Set up MSYS2
uses: msys2/setup-msys2@v2
uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2.29.0
with:
release: false # use pre-installed
# TODO: install mingw-w64-x86_64-make and use mingw32.make instead - currently fails with "Windows Subsystem for Linux has no installed distributions."
Expand All @@ -49,7 +49,7 @@ jobs:
mingw-w64-x86_64-gcc

- name: ccache
uses: hendrikmuhs/ccache-action@v1.2
uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20
with:
key: ${{ github.workflow }}-${{ github.job }}-${{ matrix.os }}

Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/CI-unixish-docker.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ jobs:
image: ${{ matrix.image }}

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

Expand All @@ -56,7 +56,7 @@ jobs:
# needs to be called after the package installation since
# - it doesn't call "apt-get update"
- name: ccache
uses: hendrikmuhs/ccache-action@v1.2
uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20
with:
key: ${{ github.workflow }}-${{ matrix.image }}

Expand Down Expand Up @@ -91,7 +91,7 @@ jobs:
image: ${{ matrix.image }}

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

Expand All @@ -104,7 +104,7 @@ jobs:
# needs to be called after the package installation since
# - it doesn't call "apt-get update"
- name: ccache
uses: hendrikmuhs/ccache-action@v1.2
uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20
with:
key: ${{ github.workflow }}-${{ matrix.image }}

Expand Down
32 changes: 16 additions & 16 deletions .github/workflows/CI-unixish.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,12 +30,12 @@ jobs:
CCACHE_SLOPPINESS: pch_defines,time_macros

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- name: ccache
uses: hendrikmuhs/ccache-action@v1.2
uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20
with:
key: ${{ github.workflow }}-${{ github.job }}-${{ matrix.os }}

Expand Down Expand Up @@ -85,19 +85,19 @@ jobs:
CCACHE_SLOPPINESS: pch_defines,time_macros

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- name: ccache
uses: hendrikmuhs/ccache-action@v1.2
uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20
with:
key: ${{ github.workflow }}-${{ github.job }}-${{ matrix.os }}

# TODO: move latest compiler to separate step
# TODO: bail out on warnings with latest GCC
- name: Set up GCC
uses: egor-tensin/setup-gcc@v1
uses: egor-tensin/setup-gcc@eaa888eb19115a521fa72b65cd94fe1f25bbcaac # v1.3
if: false # matrix.os == 'ubuntu-22.04'
with:
version: 13
Expand Down Expand Up @@ -201,12 +201,12 @@ jobs:
runs-on: ${{ matrix.os }}

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- name: ccache
uses: hendrikmuhs/ccache-action@v1.2
uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20
with:
key: ${{ github.workflow }}-${{ github.job }}-${{ matrix.os }}

Expand Down Expand Up @@ -235,12 +235,12 @@ jobs:
runs-on: ${{ matrix.os }}

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- name: ccache
uses: hendrikmuhs/ccache-action@v1.2
uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20
with:
key: ${{ github.workflow }}-${{ github.job }}-${{ matrix.os }}

Expand Down Expand Up @@ -269,7 +269,7 @@ jobs:
runs-on: ${{ matrix.os }}

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

Expand Down Expand Up @@ -297,12 +297,12 @@ jobs:
CCACHE_SLOPPINESS: pch_defines,time_macros

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- name: ccache
uses: hendrikmuhs/ccache-action@v1.2
uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20
with:
key: ${{ github.workflow }}-${{ github.job }}-${{ matrix.os }}

Expand Down Expand Up @@ -359,12 +359,12 @@ jobs:
runs-on: ${{ matrix.os }}

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- name: ccache
uses: hendrikmuhs/ccache-action@v1.2
uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20
with:
key: ${{ github.workflow }}-${{ github.job }}-${{ matrix.os }}

Expand Down Expand Up @@ -597,12 +597,12 @@ jobs:
runs-on: ubuntu-22.04 # run on the latest image only

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- name: ccache
uses: hendrikmuhs/ccache-action@v1.2
uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20
with:
key: ${{ github.workflow }}-${{ github.job }}-${{ matrix.os }}

Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/CI-windows.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,17 +33,17 @@ jobs:
runs-on: ${{ matrix.os }}

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- name: Set up Visual Studio environment
uses: ilammy/msvc-dev-cmd@v1
uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0
with:
arch: x64

- name: Install Qt ${{ matrix.qt_ver }}
uses: jurplel/install-qt-action@v4
uses: jurplel/install-qt-action@d325aaf2a8baeeda41ad0b5d39f84a6af9bcf005 # v4.3.0
with:
version: ${{ matrix.qt_ver }}
modules: 'qtcharts'
Expand Down Expand Up @@ -87,25 +87,25 @@ jobs:
PCRE_VERSION: 8.45

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- name: Set up Python
if: matrix.config == 'release'
uses: actions/setup-python@v5
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
with:
python-version: '3.14'
check-latest: true

- name: Set up Visual Studio environment
uses: ilammy/msvc-dev-cmd@v1
uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0
with:
arch: x64

- name: Cache PCRE
id: cache-pcre
uses: actions/cache@v4
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
with:
path: |
externals\pcre.h
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/asan.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,17 +28,17 @@ jobs:
CCACHE_SLOPPINESS: pch_defines,time_macros

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- name: ccache
uses: hendrikmuhs/ccache-action@v1.2
uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20
with:
key: ${{ github.workflow }}-${{ github.job }}-${{ matrix.os }}

- name: Set up Python
uses: actions/setup-python@v5
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
with:
python-version: '3.14'
check-latest: true
Expand All @@ -57,7 +57,7 @@ jobs:
sudo ./llvm.sh 21

- name: Install Qt ${{ env.QT_VERSION }}
uses: jurplel/install-qt-action@v4
uses: jurplel/install-qt-action@d325aaf2a8baeeda41ad0b5d39f84a6af9bcf005 # v4.3.0
with:
version: ${{ env.QT_VERSION }}
modules: 'qtcharts'
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/buildman.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,34 +19,34 @@ jobs:
convert_via_pandoc:
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

- run: |
mkdir output

- uses: docker://pandoc/latex:3.6.3
- uses: docker://pandoc/latex:3.6.3@sha256:48831aabd0a24e180a34c0bc5dd09792af43dbd7c2a2d394fbc6b10f9c48fe50
with:
args: --output=output/manual.html man/manual.md

- uses: docker://pandoc/latex:3.6.3
- uses: docker://pandoc/latex:3.6.3@sha256:48831aabd0a24e180a34c0bc5dd09792af43dbd7c2a2d394fbc6b10f9c48fe50
with:
args: --output=output/manual.pdf man/manual.md

- uses: docker://pandoc/latex:3.6.3
- uses: docker://pandoc/latex:3.6.3@sha256:48831aabd0a24e180a34c0bc5dd09792af43dbd7c2a2d394fbc6b10f9c48fe50
with:
args: --output=output/manual-premium.pdf man/manual-premium.md

- uses: actions/upload-artifact@v4
- uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: output
path: output

manpage:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

Expand All @@ -59,7 +59,7 @@ jobs:
run: |
make man

- uses: actions/upload-artifact@v4
- uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: cppcheck.1
path: cppcheck.1
6 changes: 3 additions & 3 deletions .github/workflows/cifuzz.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,20 +14,20 @@ jobs:
steps:
- name: Build Fuzzers
id: build
uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@6f5791d8b0ca004e5d35f8d75407347c7848f3b0 # master
with:
oss-fuzz-project-name: 'cppcheck'
dry-run: false
language: c++
- name: Run Fuzzers
uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@6f5791d8b0ca004e5d35f8d75407347c7848f3b0 # master
with:
oss-fuzz-project-name: 'cppcheck'
fuzz-seconds: 300
dry-run: false
language: c++
- name: Upload Crash
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
if: failure() && steps.build.outcome == 'success'
with:
name: artifacts
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/clang-tidy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
QT_VERSION: 6.10.0

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false

Expand All @@ -47,7 +47,7 @@ jobs:
sudo apt-get install -y clang-tidy-21

- name: Install Qt ${{ env.QT_VERSION }}
uses: jurplel/install-qt-action@v4
uses: jurplel/install-qt-action@d325aaf2a8baeeda41ad0b5d39f84a6af9bcf005 # v4.3.0
with:
version: ${{ env.QT_VERSION }}
modules: 'qtcharts'
Expand Down Expand Up @@ -86,7 +86,7 @@ jobs:
run: |
cmake --build cmake.output --target run-clang-tidy-csa 2> /dev/null

- uses: actions/upload-artifact@v4
- uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
if: success() || failure()
with:
name: Compilation Database
Expand Down
Loading
Loading